AshAuthentication.Phoenix.LiveSession (ash_authentication_phoenix v2.8.0)

View Source

Ensures that any loaded users which are present in a conn's assigns are also present in a live view socket's assigns.

Typical usage is via the ash_authentication_live_session/2 macro, but can also manually called like so:

scope "/", ExampleWeb do
  pipe_through(:browser)

  live_session :authenticated, on_mount: LiveSession, session: {LiveSession, :generate_session, []} do
    live "/", ExampleLive
  end
end

Summary

Functions

Generate a live session wherein all subject assigns are copied from the conn into the socket.

Assigns all subjects from their equivalent sessions, if they are not already assigned.

Supplements the session with any current_X assigns which are authenticated resource records from the conn.

Inspects the incoming session for any subject_name -> subject values and loads them into the socket's assigns.

Get options that should be passed to live_session.

Functions

ash_authentication_live_session(session_name \\ :ash_authentication, opts \\ [], list)

(macro)

Generate a live session wherein all subject assigns are copied from the conn into the socket.

Options:

  • :otp_app - Set the otp app in which to search for authenticated resources.
  • :on_mount_prepend - Same as :on_mount, but for hooks that need to be run before AshAuthenticationPhoenix's hooks.

All other options are passed through to live_session, but with session and on_mount hooks added to set assigns for authenticated resources. Unlike live_session, this supports multiple MFAs provided for the session option. The produced sessions will be merged.

assign_new_resources(socket, session, opts \\ [])

Assigns all subjects from their equivalent sessions, if they are not already assigned.

This exists to power nested liveviews, which have the session available but do not automatically inherit any assigns.

This does verify the token and confirm that it is not expired, but it bypasses the check for the token's presence in the token resource, even if you have configured AshAuthentication to require_token_presence_for_authentication?. This is because nested live views do not need to check again for this, as the :load_from_session plug already does this.

generate_session(conn, otp_app \\ nil, additional_hooks \\ [])

@spec generate_session(Plug.Conn.t(), atom() | [atom()], additional_hooks :: [mfa()]) ::
  %{
    required(String.t()) => String.t()
  }

Supplements the session with any current_X assigns which are authenticated resource records from the conn.

on_mount(arg1, params, session, socket)

@spec on_mount(
  atom() | {:set_otp_app, atom()},
  %{required(String.t()) => any()},
  %{required(String.t()) => any()},
  Phoenix.LiveView.Socket.t()
) :: {:cont | :halt, Phoenix.LiveView.Socket.t()}

Inspects the incoming session for any subject_name -> subject values and loads them into the socket's assigns.

For example a session containing {"user", "user?id=aa6c179c-ee75-4d49-8796-528c2981b396"} becomes an assign called current_user with the loaded user as the value.

opts(custom_opts \\ [])

Get options that should be passed to live_session.

This is useful for integrating with other tools that require a custom live_session, like beacon_live_admin. For example:

beacon_live_admin AshAuthentication.Phoenix.LiveSession.opts(...beacon_opts) do
  ...
end